Hi, On Thu, 19 Sept 2024 at 17:13, Ilias Apalodimas <ilias.apalodi...@linaro.org> wrote: > > > > On Thu, Sep 19, 2024, 18:05 Heinrich Schuchardt > <heinrich.schucha...@canonical.com> wrote: >> >> On 19.09.24 17:00, Simon Glass wrote: >> > Hi, >> > >> > On Thu, 19 Sept 2024 at 16:32, Ilias Apalodimas >> > <ilias.apalodi...@linaro.org> wrote: >> >> >> >> Hi all, >> >> >> >> On Thu, 19 Sept 2024 at 17:20, Heinrich Schuchardt >> >> <heinrich.schucha...@canonical.com> wrote: >> >>> >> >>> On 19.09.24 16:10, Simon Glass wrote: >> >>>> Hi Heinrich, >> >>>> >> >>>> On Sat, 14 Sept 2024 at 18:06, Heinrich Schuchardt >> >>>> <heinrich.schucha...@canonical.com> wrote: >> >>>>> >> >>>>> For measured be boot we must avoid any volatile values in the >> >>>>> device-tree. >> >>>>> We already delete /chosen/kaslr-seed if we provide and EFI RNG >> >>>>> protocol. >> >>>> >> >>>> Could you explain a bit why this is, and where this is checked? >> >>>>> >> >>>>> Additionally remove /chosen/rng-seed provided by QEMU or U-Boot. >> >>> >> >>> Measured boot relies on creating hashes of artifacts and writing these >> >>> to TPM. If the hashes don't match the OS will either warn or refuse to >> >>> boot. The device-tree is one of the artifacts that are measured. >> >>> >> >>> If we have random values in /chosen, measured boot will fail. >> >>> >> >>> When an EFI RNG protocol is provided by the firmware, GRUB and the >> >>> kernel will use it instead of /chosen/rng-seed and /chosen/kaslr-seed. >> >> >> >> There's a comment on top of that function that explains what happens as >> >> well. >> >> In short the EFI stub does not even look at the KASLR seed and never >> >> randomizes the physical placement of the kernel. It only does that >> >> when the EFI_RNG protocol is there. >> > >> > OK thank you. I suppose I am more just wondering why it got added in >> > the first place? >> >> For booting via the legacy Linux entry point adding kaslr-seed allows to >> randomize addresses. QEMU adds rng-seed instead of kaslr-seed. > > > Not the kernel physical placement. It randomizes only the virtual placement
So, are you saying that U-Boot adds this field into the FDT and then removes it? Regards, Simon
